On Tue, May 04, 2004 at 08:10:36AM +0200, Florian Weimer wrote: > A few packages contain "software" (well, everything's software these > days) which is cryptographically protected against modification. This > seems to violate DFSG §3. > Such packages include: > - apt (in experimental, can be fixed) > - mozilla-psm > - debian-keyring > - ssl-cert > and a few more. What in the world does "cryptographically protected against modification" mean? If you're talking about packages that ship only the public half of an asymmetric key pair, this is inane. The public key is its own source, and you're free to modify it; it just isn't guaranteed to work if you modify it. Nowhere does the DFSG say that software must continue to *work* after you make arbitrary and idiotic changes to them. -- Steve Langasek postmodern programmer
Attachment:
signature.asc
Description: Digital signature